Mercy Medical Center Clinton Risk Management Senior Analyst in Livonia, Michigan
Ability to work 100% Remote
The Risk Management Senior Analyst position is required to design, implement and manage the organization's information security controls based on the HITRUST framework, with the goal of achieving certification. The position will also manage the organization's information security policies and procedures.
Provides advanced knowledge, concepts, and analytical skills in the area of Information Security to direct and support the management and administration of information security services in one or more specific information security domains, which includes:
• Security Risk Assessments (Projects or Programs)
• User Access Reviews
• Regulatory Compliance; i.e. HIPAA, PCI
• Governance Risk and Compliance (GRC)
• Communications and Awareness
Plans and implements security initiatives, resolves complex security issues, and mitigates threats and vulnerabilities across an Information Security service. Oversees specific projects to design, develop, engineer and implement solutions to security requirements Communicates advanced information security concepts with clients, peers, and all levels of management and vendors effectively. Establishes and operates information security reporting procedures to validate that security controls remain in place. Acts as an advocate and resource on information security for various Regional Health Ministry (RHMs) areas and/or system-wide initiatives. Assists the business owners of various Information Resources in addressing security issues.
Knows, understands, incorporates and demonstrates the Trinity Health Mission, Vision and Values in behaviors, practices and decisions.
Develops designs and operates one or more information security domains. Provides technical consultation and assistance in identifying, evaluating and documenting use of systems and other related services to ensure compliance with EIS policies.
Resolves complex security issues, and mitigates threats and vulnerabilities across an Information Security service. Reviews various system and technical documents and applies security templates.
Interacts with multiple vendors to ensure a cohesive client-vendor relationship that maintains and upholds services in the best interest of Trinity Health.
Provides guidance and direction on enterprise security procedures, security technology, and security design work; works with business stakeholders to define Information Security processes. Works collaboratively with other security professionals and Security Managers to standardize information security industry best practices.
Contributes to the creation of department procedures, standards and documentation for all information security services. Utilizes excellent verbal and written communication skills.
Represents the EIS Manager and Director, when applicable, on EIS matters as well as serve as EIS liaison with Security and Privacy Officials.
Participates in the development and promotion of Information Security information for general awareness.
Participates in site-specific meetings. Participates in the creation of the development and implementation of annual objectives and tactical plans to achieve strategic planning initiatives. Monitors or enforces security policies, procedures and standards to ensure conformance with TIS objectives.
Ensures all projects and services meet Trinity Health Information security and regulatory standards, policies and procedures while delivering business requirements.
Maintains a working knowledge of applicable Federal, State and local laws/regulations; the Trinity Health Integrity and Compliance Program and Code of Conduct; as well as other policies and procedures in order to ensure adherence in a manner that reflects honest, ethical and professional behavior.
Bachelor’s degree or an equivalent combination of education and experience.
Minimum of five (5) years of progressive experience in information services including three (3) years in information security, including experience in compliance with federal and state security regulations.
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM),Certified Information Systems Auditor (CISA) or equivalent required.
Must possess a good understanding of enterprise security best practices relating to implementing and managing enterprise security solutions.
Working knowledge of HIPAA, PCI-DSS, and NIST Cybersecurity Framework.
Experience with administrative and technical assessments as well as enforcing organizational compliance.
Must be team oriented, supportive, and committed to excellence and possess high level of initiative and self-motivation with demonstrated work ethic.
Must be committed to continual personal and professional growth, possess a pro-active approach with a willingness to “go the extra mile” every time for the customer.
Ability to work under general direction, manage multiple priorities and to effectively adapt to rapidly changing technology and business needs with demonstrated ability to prioritize projects and work load.
A personal presence which is characterized by a sense of honesty, integrity and caring with the ability to inspire and motivate others to promote the philosophy, mission, vision, goals and values of Trinity Health.
Trinity Health's Commitment to Diversity and Inclusion
Trinity Health employs about 133,000 colleagues at dozens of hospitals and hundreds of health centers in 22 states. Because we serve diverse populations, our colleagues are trained to recognize the cultural beliefs, values, traditions, language preferences, and health practices of the communities that we serve and to apply that knowledge to produce positive health outcomes. We also recognize that each of us has a different way of thinking and perceiving our world and that these differences often lead to innovative solutions.
Trinity Health's dedication to diversity includes a unified workforce (through training and education, recruitment, retention and development), commitment and accountability, communication, community partnerships, and supplier diversity.
Trinity Health is one of the largest multi-institutional Catholic health care delivery systems in the nation, serving diverse communities that include more than 30 million people across 22 states. Trinity Health includes 94 hospitals, as well as 109 continuing care locations that include PACE programs, senior living facilities, and home care and hospice services. Its continuing care programs provide nearly 2.5 million visits annually.
Based in Livonia, Mich., and with annual operating revenues of $17.6 billion and assets of $24.7 billion, the organization returns $1.1 billion to its communities annually in the form of charity care and other community benefit programs. Trinity Health employs about 133,000 colleagues, including 7,800 employed physicians and clinicians.
Committed to those who are poor and underserved in its communities, Trinity Health is known for its focus on the country's aging population. As a single, unified ministry, the organization is the innovator of Senior Emergency Departments, the largest not-for-profit provider of home health care services — ranked by number of visits — in the nation, as well as the nation’s leading provider of PACE (Program of All Inclusive Care for the Elderly) based on the number of available programs. For more information, visit www.trinity-health.org at http://www.trinity-health.org/ . You can also follow @TrinityHealthMI on Twitter.